Tuesday December 30, 2014

Throughout the nearly 30 years I have been in IT, risk management has been talked about and shown to be vital; yet, I think that the corporate focus follows the money too much.

Whether it’s client CIOs or supplier account managers, when I suggest that they should focus on software development risk, I get patronising comments about focussing on a less important part of clients’ spend. Typically I hear that 90% of software spend is on making sure that the current services are kept alive and functioning, so risk in software development is not important. After all, it doesn’t threaten the existence of the company to-day.

Existentially that assertion is not true. Just to-day I read about two UK supermarkets struggling to cope with the volume of orders, their websites crashing as a result. Ignoring the 10% is ignoring what is effectively the activity that primes the business pump.

My view is that such failures can arise when corners are cut in software development. For example, stress testing is not carried out sufficiently and, when loads exceed the system capacity, trouble ensues. Poor risk management, or worse, ignoring risks that can’t be managed because there’s not much money at stake, contributes to these issues.

Agile is our mantra to-day, and it’s one I subscribe to in a big way. It enables fast business change so clients are able to keep ahead of the competition by introducing unique services as differentiators. The speed to change also increases the risk of failure. Risk management of that 10% of your service spend becomes more, not less, important.

Strategic, Agile risk management must focus on the front-end of the service flow – development. Assessing risk management is a key part of our Project Triage Solution, where we aim to assist you from commissioning to delivery by giving you an independent assessment of the state of your project.